7 VulnDB-API

Requirements

Linux Control Center = 2.10.X or higher

Overview

The Linux Control Center (LCC) has the 7vulndb-api, a constantly updated database with information about vulnerable packages from the main Linux distributions. The identification process uses the database to check for packages with vulnerabilities. Then, a scan is performed on all hosts managed by the LCC to compare and identify the presence of any package listed in the database.

Objective

The objective of this manual is to demonstrate the step-by-step process for using the LCC's 7Vulndb vulnerability API.

Identifying Vulnerable Packages with the 7 Vulndb API

When performing this action on a Host, all packages with identified vulnerabilities will be marked. If the same package with vulnerability is installed on another Host, it will also be flagged in the Console.

  1. Access the LCC and click on 7 Vulndb API

  1. Click on Check Vulnerability

  1. The Status column will have the phrase Waiting API process: indicating that the API is performing the scan.

  1. The Status column will have API awnser received:, indicating that the scan has finished, along with the number of packages scanned.

  1. These are the descriptions of the information fields on the 7 Vulndb API screen

  • Packages request: Total number of packages sent for analysis.

  • Packages vulnerable: Number of packages that have some vulnerability, whether exploitable or not.

  • Request Uuid: Request identifier.

  • Created at: Time the analysis request was sent.

  • Updated at: Time the analysis request was completed.

Package Analysis Vulnerabilities

After the scan is complete, you can get more details about the vulnerabilities found in the packages.

  1. Click on Hosts in the left side menu.

  1. Click on a desired Host and click on CVEs.

  1. All CVEs identified in all packages will be displayed.

  1. To find the CVE of a specific package, change the selector from Host to Package

  1. Click on Filter Packages

  1. Note that it is possible to use the Package Vulnerable By Tenable filter in conjunction with the Package Vulnerable By 7Vulndb filter

  2. Select the desired filters and click on Confirm Filter.

  1. This way, only the vulnerabilities related to the selected packages will be listed.

Updating Vulnerable Packages

  1. In the left side menu of the LCC, click on Hosts.

  1. Select 1 or more Hosts and click on the Actions button at the top of the page and execute the Package Vulnerable Update action.

  1. Confirm the action by clicking Yes

  1. Open the host that sent the action and click on Actions History

  1. Wait for the actions Package Vulnerable update, Package Check Update and Photography to have the status Processed

  1. With this action, some vulnerabilities that can be mitigated only by updating packages will no longer be a risk to your environment!

Based on this information, it is possible to develop some security measures such as:

  • Update package

  • Proactive monitoring

  • Freeze package version until the version situation is investigated.

  • Vulnerability management

  • Backup and recovery

Although not limited to these options, these measures aim to mitigate possible vulnerabilities and promote a safer environment.

PreviousInstall Tenable AgentNextCustom Scripts

Last updated